Federal Judge, ICE Agents Linked to Compromised Spyware Use
Sometimes the government spies on you. And sometimes they hire a poorly secured Eastern European firm to do it for them.
Last week, hacktivists published the customer support database for Brainstack, a Ukrainian company that runs a phone tracking service called mSpy. (It was the third mSpy security breach in a decade.) The database includes messages from Immigrations and Customs Enforcement (ICE) agents, active-duty troops, and a U.S. circuit court judge interested in using mSpy to conduct surveillance.
Employees at the U.S. State Department, the Nebraska National Guard, and two federal auditing offices reached out to mSpy about using the service in official investigations. Many more low-level officials and service members seemed to be using mSpy to monitor people in their private lives, but signed up through their government emails. In some cases, it was unclear whether government employees were using mSpy for official or personal business.Â
Even if the private spying was for a legitimate purpose—such as parents monitoring their children’s internet usage—it was probably not the best idea to sign up for foreign spyware with known security issues from a government email account.
Judge Kevin Newsom, the circuit judge of the United States Court of Appeals for the 11th Circuit, used his government email address to log into an mSpy customer service chat in February 2019. “You can’t reliably monitor Snapchat, which is the only reason I got it,” he complained. He sent mSpy a follow-up email asking for a refund, signed with his official title as a judge.
“Judge Newsom’s use was entirely in his personal capacity to address a family matter,” says Kate Adams, director of workplace relations at the 11th Circuit.
MSpy has previously suffered serious security problems over the past decade. In May 2015, hackers stole data on mSpy’s targets and offered it for sale on the dark web. When cybersecurity journalist Brian Krebs broke the story, mSpy tried to claim the data was fake, then eventually admitted to the breach. In September 2018, mSpy accidentally left that same type of data on a public-facing server, then removed it when Krebs noticed.
In early June 2024, the Swiss hacktivist maia arson crimew, who had previously leaked the FBI’s No Fly List, claimed that an “anonymous source” had sent her 150 gigabytes of data from mSpy’s customer service branch. “From all the past stalkerware leaks, usually what leaks is victim data,” crimew tells Reason via encrypted voice chat. But this leak was about mSpy’s clients—essentially turning the surveillance back against the surveilers.
Last week, the leaked client data was published on DDoSecrets, a website widely considered to be WikiLeaks’ successor. (DDoSecrets is also famous for hosting BlueLeaks, a massive 2020 leak of police files.) The mSpy media team did not respond to an email asking for comment on the leak.
Reason reviewed mSpy data from several hundred American users with .gov and .mil email addresses, out of 2.5 million users in total. Crimew wrote on her blog that she also found officials from Australia, France, Germany, Italy, Switzerland, Turkey, Israel, Thailand, and Vietnam in the data.
Unlike other intelligence-for-hire services, mSpy requires users to have intimate access to the target already. The software must be installed directly on the target’s phone, iCloud account, or WiFi network. Afterwards, it provides the user with the target’s call logs, messages, and location data. Brainstack advertises mSpy as a parental guidance tool, but others pejoratively call the service “stalkerware.”
Indeed, a few of the customer service messages came from federal and local law enforcement officials looking for a way to send mSpy a subpoena or warrant because the service was allegedly used in a crime. A detect
Article from Latest
![](https://libertarianguide.com/wp-content/uploads/reason-logo-square.jpeg)
The Reason Magazine website is a go-to destination for libertarians seeking cogent analysis, investigative reporting, and thought-provoking commentary. Championing the principles of individual freedom, limited government, and free markets, the site offers a diverse range of articles, videos, and podcasts that challenge conventional wisdom and advocate for libertarian solutions. Whether you’re interested in politics, culture, or technology, Reason provides a unique lens that prioritizes liberty and rational discourse. It’s an essential resource for those who value critical thinking and nuanced debate in the pursuit of a freer society.